Page MenuHomePhabricator
Create Task
Maniphest T305200

Tracking bug for MediaWiki 1.35.7/1.37.3/1.38.2
Closed, ResolvedPublic
Actions

Description

Previous work: T297830: Tracking bug for MediaWiki 1.35.6/1.36.4/1.37.2

Tracking bug for next security release, 1.35.7/1.37.3/1.38.2

Related Objects
Search...

Event Timeline

Reedy added projects: Security, MediaWiki-Releasing.Mar 31 2022, 10:05 PM
Reedy subscribed.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 31 2022, 10:05 PM
Reedy added a parent task: T305199: Release MediaWiki 1.35.7/1.37.3/1.38.2.Mar 31 2022, 10:05 PM
DannyS712 updated the task description. (Show Details)Mar 31 2022, 10:13 PM
sbassett added a subtask: T309028: action=edit&redirect=true bypasses protection.May 26 2022, 7:55 PM
sbassett closed subtask T309028: action=edit&redirect=true bypasses protection as Resolved.Jun 3 2022, 9:25 PM
Reedy renamed this task from Tracking bug for MediaWiki 1.35.7/1.37.3/1.38.1 to Tracking bug for MediaWiki 1.35.7/1.37.3/1.38.2.Jun 6 2022, 2:59 PM
Reedy removed a subtask: T309028: action=edit&redirect=true bypasses protection.
Reedy updated the task description. (Show Details)
Reedy added a subtask: T309377: CVE-2022-29248: Update "guzzlehttp/guzzle" to version 6.5.6.Jun 24 2022, 8:51 AM
Reedy closed subtask T309377: CVE-2022-29248: Update "guzzlehttp/guzzle" to version 6.5.6 as Resolved.Jun 24 2022, 8:53 AM
Reedy added a subtask: T308471: CVE-2022-34911: Username is not escaped in the "welcomeuser" message.
Reedy added a subtask: T308473: CVE-2022-34912: Username not escaped in the contributions-title message.Jun 24 2022, 8:55 AM
Reedy added a subtask: T311384: CVE-2022-31042/CVE-2022-31043/CVE-2022-31090/CVE-2022-31091: Update "guzzlehttp/guzzle" to 6.5.8/7.4.5.Jun 30 2022, 2:12 PM
Reedy closed this task as Resolved.Jun 30 2022, 8:47 PM
Reedy claimed this task.
Reedy changed the visibility from "acl*security (Project)" to "Public (No Login Required)".Jun 30 2022, 8:50 PM
Reedy changed the edit policy from "acl*security (Project)" to "All Users".
DannyS712 mentioned this in T311776: Tracking bug for MediaWiki 1.35.8/1.37.5/1.38.3.Jul 1 2022, 12:56 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL